Download
| Alert*
oval:org.mitre.oval:def:11888
Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. oval:org.mitre.oval:def:7331 The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. oval:org.mitre.oval:def:11488 The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. oval:org.mitre.oval:def:12049 The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer ... oval:org.mitre.oval:def:12047 Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression. oval:org.mitre.oval:def:12031 The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. oval:org.mitre.oval:def:11608 The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. oval:org.mitre.oval:def:11836 Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. oval:org.mitre.oval:def:11792 The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. oval:org.mitre.oval:def:11651 packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference. oval:org.mitre.oval:def:11498 Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as ... oval:org.secpod.oval:def:201747 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:17116 The host is installed with Wireshark 1.2.0 through 1.2.13 or 1.4.0 through 1.4.2 and is prone to buffer overflow vulnerability. A flaw is present in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c), which fails to handle large number of RARs. Successful exploitation allows attackers to cause ... oval:org.secpod.oval:def:1263 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application, which is due to double free vulnerability in tvb_uncompress function in epan/tvbuff.c. Successful exploitation could allow attackers to crash the application via packet with ma ... oval:org.secpod.oval:def:40811 The host is installed with Wireshark 0.9.15 through 1.0.10 or 1.2.0 through 1.2.5 and is prone to a buffer overflow vulnerability. A flaw is present in the LWRES dissectors, which fails to properly handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:17118 The host is installed with Wireshark 1.4.x before 1.4.1 or 1.2.x before 1.2.12 and is prone to stack consumption vulnerability. A flaw is present in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector, which fails to handle a long string in an unknown ASN.1/BER enco ... oval:org.secpod.oval:def:40814 The host is installed with Wireshark 0.10.13 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a buffer overflow vulnerability. A flaw is present in the ASN.1 BER dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause unknown impact ... oval:org.secpod.oval:def:40815 The host is installed with Wireshark 0.8.20 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SMB PIPE dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause denial of serv ... oval:org.secpod.oval:def:40812 The host is installed with Wireshark 0.9.6 through 1.0.12 or 1.2.0 through 1.2.7 and is prone to a denial of service vulnerability. A flaw is present in the DOCSIS dissectors, which fails to properly handle a malformed packet. Successful exploitation allows remote attackers to cause a denial of serv ... oval:org.secpod.oval:def:40813 The host is installed with Wireshark 0.99.6 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SMB dissectors, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause a denial of service ... oval:org.secpod.oval:def:40818 The host is installed with Wireshark 1.2.2 through 1.2.9 and is prone to a denial of service vulnerability. A flaw is present in the GSM A RR dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause a denial of service (crash). oval:org.secpod.oval:def:40819 The host is installed with Wireshark 1.2.0 through 1.2.9 and is prone to a denial of service vulnerability. A flaw is present in the IPMI dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause a denial of service (infinite loop). oval:org.secpod.oval:def:40816 The host is installed with Wireshark 0.10.7 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a denial of service vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine dissector, which fails to properly handle a unknown vectors. Successful exploitation allows rem ... oval:org.secpod.oval:def:40817 The host is installed with Wireshark 0.10.8 through 1.0.13 or 1.2.0 through 1.2.8 and is prone to a buffer overflow vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remot ... oval:org.secpod.oval:def:201718 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:40821 The host is installed with Wireshark 0.10.8 through 1.0.14 or 1.2.0 through 1.2.9 and is prone to a denial of service vulnerability. A flaw is present in the SigComp Universal Decompressor Virtual Machine, which fails to properly handle vectors related to sigcomp-udvm.c and an off-by-one error. Succ ... oval:org.secpod.oval:def:40822 The host is installed with Wireshark 1.4.x before 1.4.1 or 1.2.x before 1.2.12 and is prone to a stack consumption vulnerability. A flaw is present in the BER dissector, which fails to properly handle a long string in an unknown ASN.1/BER encoded packet. Successful exploitation allows remote attacke ... oval:org.secpod.oval:def:40820 The host is installed with Wireshark 0.10.13 through 1.0.14 or 1.2.0 through 1.2.9 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the ASN.1 BER dissector, which fails to properly handle a unknown vectors. Successful exploitation allows remote attackers to cause unk ... oval:org.secpod.oval:def:40823 The host is installed with Wireshark 1.4.x before 1.4.1 or 1.2.x before 1.2.12 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the LDSS dissector, which fails to properly handle vectors related to sigcomp-udvm.c and an off-by-one error. Successful exploitation allows ... oval:org.secpod.oval:def:1517 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle Lucent/Ascend file parser when processing malformed packets. Successful exploitation allows remote attacker to cause denial of service condition. oval:org.secpod.oval:def:40827 The host is installed Wireshark 1.2.0 through 1.2.13 or 1.4.0 through 1.4.2 and is prone to a buffer overflow vulnerability. A flaw is present MAC-LTE dissector, which fails to properly handle a large number of RARs. Successful exploitation allows remote attackers to cause a denial of service (crash ... oval:org.secpod.oval:def:500336 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in the Wireshark Local Download Sharing Service dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could cras ... oval:org.secpod.oval:def:40844 The host is installed Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7 or 1.6.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle malformed packets. Successful exploitation allows remote attackers to cause a denial of service (i ... oval:org.secpod.oval:def:40842 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a double free vulnerability. A flaw is present in the application, which fails to properly handle a packet with malformed data. Successful exploitation allows remote attackers to cause a denial of service (appl ... oval:org.secpod.oval:def:17145 The host is installed with Wireshark 1.2.0 through 1.2.12 or 1.4.0 through 1.4.1 and is prone to heap based buffer overflow vulnerability. A flaw is present in the application, which fails to handle an LDSS packet with a long digest line in the dissect_ldss_transfer function (epan/dissectors/packet- ... oval:org.secpod.oval:def:500306 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, ... oval:org.secpod.oval:def:1260 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which is due to an error in DICOM dissector when processing certain malformed packets. Successful exploitation allows remote attacker to cause denial of service condition. oval:org.secpod.oval:def:40839 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle invalid PDU length. Successful exploitation allows remote attackers to cause a denial of service (applicat ... oval:org.secpod.oval:def:945 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the X.509if dissector, which fails to properly initialize certain global variables. Successful exploitation could allow remote attackers to cause a denial of service via crafted .pcap files. oval:org.secpod.oval:def:40836 The host is installed Wireshark 1.2.x before 1.2.16 or 1.4.x before 1.4.5 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted .pcap file. Successful exploitation allows remote attackers to cause a denial of service (applicat ... oval:org.secpod.oval:def:201744 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:500291 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.mitre.oval:def:8490 Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function. oval:org.secpod.oval:def:201827 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. An invalid pointer dereference flaw was found in the Wireshark SMB and SMB2 dissectors. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, ... oval:org.secpod.oval:def:1261 The host is installed with Wireshark and is prone to NULL pointer dereference vulnerability. A flaw is present in the application which is due to an error in the handling of corrupted Diameter dictionary file. Successful exploitation allows remote attacker to cause denial of service condition. oval:org.secpod.oval:def:1262 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which fails in the handling of corrupted snoop files. Successful exploitation allows remote attacker to cause application crash. oval:org.secpod.oval:def:1264 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application, which is caused due an integer overflow in the visual_read function in wiretap/visual.c. Successful exploitation could allow an attacker to create denial of service conditions ... oval:org.secpod.oval:def:202528 Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF capture files. If Wireshark opened a specially-crafted ERF capture ... oval:org.secpod.oval:def:40840 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted Diameter dictionary file. Successful exploitation allows remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:40843 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to an integer underflow vulnerability. A flaw is present in the application, which fails to properly handle a malformed Visual Networks file. Successful exploitation allows remote attackers to cause a denial of se ... oval:org.secpod.oval:def:40841 The host is installed Wireshark 1.2.x before 1.2.17 or 1.4.x before 1.4.7 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle certain virtualizable buffers. Successful exploitation allows remote attackers to cause a denial of servic ... oval:org.secpod.oval:def:1500080 Updated wireshark packages that fix several security issues, three bugs,and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderatesecurity impact. Common Vulnerability Scoring System base scores,which give de ... oval:org.secpod.oval:def:600584 Huzaifa Sidhpurwala, David Maciejak and others discovered several vulnerabilities in the X.509if and DICOM dissectors and in the code to process various capture and dictionary files, which could lead to denial of service or the execution of arbitrary code. oval:org.secpod.oval:def:500936 Wireshark, previously known as Ethereal, is a network protocol analyzer. It is used to capture and browse the traffic running on a computer network. A heap-based buffer overflow flaw was found in the way Wireshark handled Endace ERF capture files. If Wireshark opened a specially-crafted ERF capture ... oval:org.secpod.oval:def:1500299 Updated wireshark packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, wh ... oval:org.secpod.oval:def:200538 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:17114 The host is installed with Wireshark 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3, and is prone to heap-based buffer overflow vulnerability. A flaw is present in the wiretap/dct3trace.c, which fails to handle a long record in a Nokia DCT3 trace file. Successful exploitation allows attackers to cause ... oval:org.secpod.oval:def:17113 The host is installed with Wireshark before 1.4.4 and is prone to denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to handle a crafted .pcap file. Successful exploitation allows attackers to cause a denial of service (NULL pointer dereference and application c ... oval:org.secpod.oval:def:390 The host is installed with Wireshark and is prone to memory corruption vulnerability. A flaw is present in the application where large LDAP Filter strings consumes excessive amount of memory. Successful exploitation allows remote attackers to cause denial of service condition. oval:org.secpod.oval:def:392 The host is installed with Wireshark and is prone to multiple stack consumption vulnerabilities. The flaws are present in the application which fails to handle infinite recursion due to large packet length. Successful exploitation allow remote attackers to cause a denial of service. oval:org.secpod.oval:def:391 The host is installed with Wireshark and is prone to stack consumption vulnerability. A flaw is present in the application while handling ASN description with a recursive definition of a CHOICE. Successful exploitation allow remote attackers to cause a denial of service condition. oval:org.secpod.oval:def:40829 The host is installed Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3 or 1.5.0 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a malformed file. Successful exploitation allows remote attackers to cause a denial of service (m ... oval:org.secpod.oval:def:393 The host is installed with Wireshark and is prone to denial of service vulnerability. A flaw is present in the application which fails to properly handle large packet lengths. Successful exploitation allow remote attackers to cause application to crash. oval:org.secpod.oval:def:40832 The host is installed Wireshark 1.0.x, 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a crafted SMB or CLDAP packet. Successful exploitation allows remote attackers to cause a denial ... oval:org.secpod.oval:def:40833 The host is installed Wireshark 1.0.x, 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle long LDAP filter string. Successful exploitation allows remote attackers to cause a denial of ser ... oval:org.secpod.oval:def:40830 The host is installed Wireshark 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a long record in a Nokia DCT3 trace file. Successful exploitation allows remote attackers to ca ... oval:org.secpod.oval:def:40831 The host is installed Wireshark 1.2.0 through 1.2.14 or 1.4.0 through 1.4.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a pcap-ng file. Successful exploitation allows remote attackers to cause a denial of service (applicatio ... oval:org.secpod.oval:def:40834 The host is installed Wireshark 1.2.x through 1.2.15 or 1.4.x through 1.4.4 and is prone to a stack consumption vulnerability. A flaw is present in the application, which fails to properly handle vectors involving self-referential ASN.1 CHOICE values. Successful exploitation allows remote attackers ... oval:org.secpod.oval:def:40835 The host is installed Wireshark before 1.4.4 and is prone to a denial of service vulnerability. A flaw is present in the NTLMSSP dissector, which fails to properly handle crafted .pcap file. Successful exploitation allows remote attackers to cause a denial of service (NULL pointer dereference and ap ... oval:org.secpod.oval:def:201677 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:500191 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Sever ... oval:org.secpod.oval:def:190 The host is installed with Wireshark 1.5.0 or before 1.4.3 and is prone to memory corruption vulnerability. A flaw is present in the application, which fails to handle a specially-crafted .pcap file. Successful exploitation could allow remote attackers to corrupt memory by executing arbitrary code o ... oval:org.secpod.oval:def:500148 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A heap-based buffer overflow flaw was found in the Wireshark MAC-LTE dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute ... oval:org.secpod.oval:def:500786 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... oval:org.secpod.oval:def:202326 Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wiresh ... |